- CEO and CFO affirmations generally have a trickle-down affect on any other executives and managers who deal with financial data.
Burdens on Finance departments include:
- Financial processes must be documented.
- Controls over those processes must be documented.
- Roles and responsibilities for the processes and controls must be formalized, documented, and proved.
SOX requires that financial data must unambiguously roll up from multiple departments and locations into a single report. This can be a problem where multiple systems exist. To comply, Finance departments have found they must sometimes replace informal or undocumented practices with more formal ones.
Data and IT departments have been affected, too:
- Because many IT projects and systems are costly, they can affect corporate financials. Rules about funding, allocating charges to capital vs. expense budgets, and time reporting are stricter.
- Because financial systems must have corresponding controls, IT staff that use and support the systems have been asked to participate in completing system and process documentation.
- Databases, systems, and processes may have to go through a more formal change management process.